On Mutual Authorizations: Semantics, Integration Issues, and Performance

Abstract:

Protecting information from unauthorized access is important to guarantee data confidentiality. Access policies state who may access which resource. Such policies are often implemented using authorizations of a specific access control model. Various models have been proposed; a prominent, mature one is Role-based Access Control (RBAC)[20]. Traditional access policies are designed to fulfill the needs of an organization or the individual needs of the users of a system. When, however, users decide who may access their resources, social factors and human behavior are significant. An important trend in psychology, economics, and sociology is reciprocity. Studies [6, 7, 24] have revealed that, although humans are self-interested, they often deviate from this attitude reciprocally. Reciprocity means that, in response to friendly actions, people are more cooperative. Reciprocity comes into play with access control when persons grant access to their resources to users that allow them the same. Think of a bike sharing system: It is more natural for a user to allow usage of his bike to others who allow him using theirs.

Año de publicación:

2019

Keywords:

Fuente:

google